fosslight-binary 4.1.29__tar.gz → 4.1.30__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/PKG-INFO +1 -1
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/requirements.txt +1 -1
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/setup.py +1 -1
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary/_help.py +1 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary/_jar_analysis.py +6 -1
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary/binary_analysis.py +25 -31
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary/cli.py +6 -1
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/PKG-INFO +1 -1
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/requires.txt +1 -1
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/LICENSE +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/LICENSES/Apache-2.0.txt +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/LICENSES/LicenseRef-3rd_party_licenses.txt +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/MANIFEST.in +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/README.md +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/setup.cfg +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary/__init__.py +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary/_binary.py +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary/_binary_dao.py +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/SOURCES.txt +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/dependency_links.txt +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/entry_points.txt +0 -0
- {fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/top_level.txt +0 -0
|
@@ -15,6 +15,7 @@ _HELP_MESSAGE_BINARY = """
|
|
|
15
15
|
-h\t\t\t\t Print help message
|
|
16
16
|
-v\t\t\t\t Print FOSSLight Binary Scanner version
|
|
17
17
|
-s\t\t\t\t Extract only the binary list in simple mode
|
|
18
|
+
-e <path>\t\t\t Path to exclude from analysis (files and directories)
|
|
18
19
|
-o <output_path>\t\t Output path
|
|
19
20
|
\t\t\t\t (If you want to generate the specific file name, add the output path with file name.)
|
|
20
21
|
-f <format>\t\t\t Output file format (excel, csv, opossum, yaml)
|
|
@@ -161,7 +161,7 @@ def get_oss_info_from_pkg_info(pkg_info):
|
|
|
161
161
|
return oss_name, oss_version
|
|
162
162
|
|
|
163
163
|
|
|
164
|
-
def analyze_jar_file(path_to_find_bin):
|
|
164
|
+
def analyze_jar_file(path_to_find_bin, path_to_exclude):
|
|
165
165
|
remove_owasp_item = []
|
|
166
166
|
owasp_items = {}
|
|
167
167
|
remove_vulnerability_items = []
|
|
@@ -212,6 +212,11 @@ def analyze_jar_file(path_to_find_bin):
|
|
|
212
212
|
# Even if the oss info is from pom.xml in jar file, the file name will be .jar file.
|
|
213
213
|
# But the oss info from pom.xml could be different from .jar file.
|
|
214
214
|
bin_with_path = val.get("filePath")
|
|
215
|
+
|
|
216
|
+
if any(os.path.commonpath([bin_with_path, exclude_path]) == exclude_path
|
|
217
|
+
for exclude_path in path_to_exclude):
|
|
218
|
+
continue
|
|
219
|
+
|
|
215
220
|
if not bin_with_path.endswith('.jar'):
|
|
216
221
|
bin_with_path = bin_with_path.split('.jar')[0] + '.jar'
|
|
217
222
|
|
|
@@ -13,7 +13,6 @@ import yaml
|
|
|
13
13
|
import stat
|
|
14
14
|
from fosslight_util.set_log import init_log
|
|
15
15
|
import fosslight_util.constant as constant
|
|
16
|
-
from fosslight_util.write_txt import write_txt_file
|
|
17
16
|
from fosslight_util.output_format import check_output_format, write_output_file
|
|
18
17
|
from ._binary_dao import get_oss_info_from_db
|
|
19
18
|
from ._binary import BinaryItem
|
|
@@ -24,8 +23,8 @@ from fosslight_util.cover import CoverItem
|
|
|
24
23
|
_PKG_NAME = "fosslight_binary"
|
|
25
24
|
logger = logging.getLogger(constant.LOGGER_NAME)
|
|
26
25
|
|
|
27
|
-
_REMOVE_FILE_EXTENSION = ['
|
|
28
|
-
'
|
|
26
|
+
_REMOVE_FILE_EXTENSION = ['qm', 'xlsx', 'pdf', 'pptx', 'jfif', 'docx', 'doc', 'whl',
|
|
27
|
+
'xls', 'xlsm', 'ppt', 'mp4', 'pyc', 'plist', 'dat', 'json', 'js']
|
|
29
28
|
_REMOVE_FILE_COMMAND_RESULT = [
|
|
30
29
|
'data', 'timezone data', 'apple binary property list']
|
|
31
30
|
INCLUDE_FILE_COMMAND_RESULT = ['current ar archive']
|
|
@@ -41,13 +40,13 @@ _start_time = ""
|
|
|
41
40
|
windows = False
|
|
42
41
|
BYTES = 2048
|
|
43
42
|
|
|
44
|
-
|
|
43
|
+
BIN_EXT_HEADER = {'BIN_FL_Binary': ['ID', 'Binary Path', 'OSS Name',
|
|
45
44
|
'OSS Version', 'License', 'Download Location',
|
|
46
45
|
'Homepage', 'Copyright Text', 'Exclude',
|
|
47
46
|
'Comment', 'Vulnerability Link', 'TLSH', 'SHA1']}
|
|
48
47
|
|
|
49
48
|
|
|
50
|
-
def init(path_to_find_bin, output_file_name, format):
|
|
49
|
+
def init(path_to_find_bin, output_file_name, format, path_to_exclude=[]):
|
|
51
50
|
global _root_path, logger, _start_time
|
|
52
51
|
|
|
53
52
|
_json_ext = ".json"
|
|
@@ -69,37 +68,41 @@ def init(path_to_find_bin, output_file_name, format):
|
|
|
69
68
|
|
|
70
69
|
if output_file != "":
|
|
71
70
|
result_report = output_file
|
|
72
|
-
bin_txt_file = f"{output_file}.txt"
|
|
73
71
|
else:
|
|
74
72
|
if output_extension == _json_ext:
|
|
75
73
|
result_report = f"fosslight_opossum_bin_{_start_time}"
|
|
76
74
|
else:
|
|
77
75
|
result_report = f"fosslight_report_bin_{_start_time}"
|
|
78
|
-
bin_txt_file = f"fosslight_binary_bin_{_start_time}.txt"
|
|
79
76
|
|
|
80
77
|
result_report = os.path.join(output_path, result_report)
|
|
81
|
-
binary_txt_file = os.path.join(output_path, bin_txt_file)
|
|
82
78
|
else:
|
|
83
79
|
logger.error(f"Format error - {msg}")
|
|
84
80
|
sys.exit(1)
|
|
85
81
|
|
|
86
82
|
log_file = os.path.join(output_path, f"fosslight_log_bin_{_start_time}.txt")
|
|
87
|
-
logger, _result_log = init_log(log_file, True, logging.INFO, logging.DEBUG, _PKG_NAME, path_to_find_bin)
|
|
83
|
+
logger, _result_log = init_log(log_file, True, logging.INFO, logging.DEBUG, _PKG_NAME, path_to_find_bin, path_to_exclude)
|
|
88
84
|
|
|
89
85
|
if not success:
|
|
90
86
|
error_occured(error_msg=msg,
|
|
91
87
|
result_log=_result_log,
|
|
92
88
|
exit=True)
|
|
93
|
-
return _result_log, result_report,
|
|
89
|
+
return _result_log, result_report, output_extension
|
|
94
90
|
|
|
95
91
|
|
|
96
|
-
def get_file_list(path_to_find):
|
|
92
|
+
def get_file_list(path_to_find, abs_path_to_exclude):
|
|
97
93
|
bin_list = []
|
|
98
94
|
file_cnt = 0
|
|
99
95
|
found_jar = False
|
|
100
96
|
|
|
101
97
|
for root, dirs, files in os.walk(path_to_find):
|
|
98
|
+
if os.path.abspath(root) in abs_path_to_exclude:
|
|
99
|
+
continue
|
|
102
100
|
for file in files:
|
|
101
|
+
file_path = os.path.join(root, file)
|
|
102
|
+
file_abs_path = os.path.abspath(file_path)
|
|
103
|
+
if any(os.path.commonpath([file_abs_path, exclude_path]) == exclude_path
|
|
104
|
+
for exclude_path in abs_path_to_exclude):
|
|
105
|
+
continue
|
|
103
106
|
file_lower_case = file.lower()
|
|
104
107
|
extension = file_lower_case.split(".")[-1]
|
|
105
108
|
|
|
@@ -128,21 +131,22 @@ def get_file_list(path_to_find):
|
|
|
128
131
|
|
|
129
132
|
|
|
130
133
|
def find_binaries(path_to_find_bin, output_dir, format, dburl="", simple_mode=False,
|
|
131
|
-
correct_mode=True, correct_filepath=""):
|
|
134
|
+
correct_mode=True, correct_filepath="", path_to_exclude=[]):
|
|
132
135
|
|
|
133
|
-
_result_log, result_report,
|
|
134
|
-
path_to_find_bin, output_dir, format)
|
|
136
|
+
_result_log, result_report, output_extension = init(
|
|
137
|
+
path_to_find_bin, output_dir, format, path_to_exclude)
|
|
135
138
|
|
|
136
139
|
total_bin_cnt = 0
|
|
137
140
|
total_file_cnt = 0
|
|
138
141
|
db_loaded_cnt = 0
|
|
139
142
|
success_to_write = False
|
|
140
143
|
writing_msg = ""
|
|
141
|
-
extended_header = {}
|
|
142
144
|
hide_header = {'TLSH', "SHA1"}
|
|
143
145
|
content_list = []
|
|
144
146
|
result_file = ""
|
|
145
147
|
bin_list = []
|
|
148
|
+
base_dir_name = os.path.basename(path_to_find_bin)
|
|
149
|
+
abs_path_to_exclude = [os.path.abspath(os.path.join(base_dir_name, path)) for path in path_to_exclude if path.strip() != ""]
|
|
146
150
|
|
|
147
151
|
if not os.path.isdir(path_to_find_bin):
|
|
148
152
|
error_occured(error_msg=f"Can't find the directory : {path_to_find_bin}",
|
|
@@ -151,7 +155,7 @@ def find_binaries(path_to_find_bin, output_dir, format, dburl="", simple_mode=Fa
|
|
|
151
155
|
if not correct_filepath:
|
|
152
156
|
correct_filepath = path_to_find_bin
|
|
153
157
|
try:
|
|
154
|
-
total_file_cnt, file_list, found_jar = get_file_list(path_to_find_bin)
|
|
158
|
+
total_file_cnt, file_list, found_jar = get_file_list(path_to_find_bin, abs_path_to_exclude)
|
|
155
159
|
return_list = list(return_bin_only(file_list))
|
|
156
160
|
except Exception as ex:
|
|
157
161
|
error_occured(error_msg=f"Failed to check whether it is binary or not : {ex}",
|
|
@@ -163,31 +167,21 @@ def find_binaries(path_to_find_bin, output_dir, format, dburl="", simple_mode=Fa
|
|
|
163
167
|
else:
|
|
164
168
|
cover = CoverItem(tool_name=_PKG_NAME,
|
|
165
169
|
start_time=_start_time,
|
|
166
|
-
input_path=path_to_find_bin
|
|
170
|
+
input_path=path_to_find_bin,
|
|
171
|
+
exclude_path=path_to_exclude)
|
|
167
172
|
try:
|
|
168
173
|
# Run OWASP Dependency-check
|
|
169
174
|
if found_jar:
|
|
170
175
|
logger.info("Run OWASP Dependency-check to analyze .jar file")
|
|
171
|
-
owasp_items, vulnerability_items, success = analyze_jar_file(path_to_find_bin)
|
|
176
|
+
owasp_items, vulnerability_items, success = analyze_jar_file(path_to_find_bin, abs_path_to_exclude)
|
|
172
177
|
if success:
|
|
173
178
|
return_list = merge_binary_list(owasp_items, vulnerability_items, return_list)
|
|
174
|
-
extended_header = JAR_VUL_HEADER
|
|
175
179
|
else:
|
|
176
180
|
logger.warning("Could not find OSS information for some jar files.")
|
|
177
181
|
|
|
178
182
|
return_list, db_loaded_cnt = get_oss_info_from_db(return_list, dburl)
|
|
179
183
|
return_list = sorted(return_list, key=lambda row: (row.bin_name))
|
|
180
184
|
|
|
181
|
-
if return_list:
|
|
182
|
-
str_files = (x.get_print_binary_only() for x in return_list)
|
|
183
|
-
success, error = write_txt_file(binary_txt_file,
|
|
184
|
-
"Binary\tsha1sum\ttlsh\n" + '\n'.join(str_files))
|
|
185
|
-
|
|
186
|
-
if success:
|
|
187
|
-
_result_log["FOSSLight binary.txt"] = binary_txt_file
|
|
188
|
-
else:
|
|
189
|
-
error_occured(error_msg=error, exit=False)
|
|
190
|
-
|
|
191
185
|
sheet_list = {}
|
|
192
186
|
for item in return_list:
|
|
193
187
|
content_list.extend(item.get_oss_report())
|
|
@@ -201,10 +195,10 @@ def find_binaries(path_to_find_bin, output_dir, format, dburl="", simple_mode=Fa
|
|
|
201
195
|
logger.info("Success to correct with yaml.")
|
|
202
196
|
cover.comment = f"Total number of binaries: {total_bin_cnt} "
|
|
203
197
|
if total_bin_cnt == 0:
|
|
204
|
-
cover.comment += "(No
|
|
198
|
+
cover.comment += "(No binary detected.) "
|
|
205
199
|
cover.comment += f"/ Total number of files: {total_file_cnt}"
|
|
206
200
|
success_to_write, writing_msg, result_file = write_output_file(result_report, output_extension, sheet_list,
|
|
207
|
-
|
|
201
|
+
BIN_EXT_HEADER, hide_header, cover)
|
|
208
202
|
except Exception as ex:
|
|
209
203
|
error_occured(error_msg=str(ex), exit=False)
|
|
210
204
|
|
|
@@ -16,6 +16,7 @@ _PKG_NAME = "fosslight_binary"
|
|
|
16
16
|
def main():
|
|
17
17
|
global windows
|
|
18
18
|
path_to_find_bin = ""
|
|
19
|
+
path_to_exclude = []
|
|
19
20
|
output_dir = ""
|
|
20
21
|
format = ""
|
|
21
22
|
db_url = ""
|
|
@@ -30,6 +31,7 @@ def main():
|
|
|
30
31
|
parser.add_argument('-o', '--output', type=str, required=False)
|
|
31
32
|
parser.add_argument('-d', '--dburl', type=str, default='', required=False)
|
|
32
33
|
parser.add_argument('-f', '--format', type=str, required=False)
|
|
34
|
+
parser.add_argument('-e', '--exclude', nargs="*", required=False, default=[])
|
|
33
35
|
parser.add_argument('--notice', action='store_true', required=False)
|
|
34
36
|
parser.add_argument('--no_correction', action='store_true', required=False)
|
|
35
37
|
parser.add_argument('--correct_fpath', nargs=1, type=str, required=False)
|
|
@@ -55,6 +57,9 @@ def main():
|
|
|
55
57
|
else:
|
|
56
58
|
path_to_find_bin = os.getcwd()
|
|
57
59
|
|
|
60
|
+
if args.exclude: # -e option
|
|
61
|
+
path_to_exclude = args.exclude
|
|
62
|
+
|
|
58
63
|
if args.output: # -o option
|
|
59
64
|
output_dir = args.output
|
|
60
65
|
|
|
@@ -88,7 +93,7 @@ def main():
|
|
|
88
93
|
timer.setDaemon(True)
|
|
89
94
|
timer.start()
|
|
90
95
|
|
|
91
|
-
find_binaries(path_to_find_bin, output_dir, format, db_url, simple_mode, correct_mode, correct_filepath)
|
|
96
|
+
find_binaries(path_to_find_bin, output_dir, format, db_url, simple_mode, correct_mode, correct_filepath, path_to_exclude)
|
|
92
97
|
|
|
93
98
|
|
|
94
99
|
if __name__ == '__main__':
|
|
File without changes
|
|
File without changes
|
{fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/LICENSES/LicenseRef-3rd_party_licenses.txt
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/SOURCES.txt
RENAMED
|
File without changes
|
|
File without changes
|
{fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/entry_points.txt
RENAMED
|
File without changes
|
{fosslight_binary-4.1.29 → fosslight_binary-4.1.30}/src/fosslight_binary.egg-info/top_level.txt
RENAMED
|
File without changes
|